Proposed EU cyber security law would firm up breach notification rules

Large Internet companies would be required to notify a national agency about serious incidents

Jennifer Baker (IDG News Service)
07 February, 2013 11:29
Comments

New rules on cyber security across the European Union were presented on Thursday after weeks of speculation and leaked drafts.

The main part of the European Commission's Cyber Security Strategy is a proposed Directive on Network and Information Security. If approved by the European Parliament and member states, this would become E.U. law.

Previous voluntary efforts have fallen short, "leaving many gaps in our overall cybersecurity" according to a Commission document. Currently only telecom companies are required to report significant security incidents. The new Directive would extend that to major Internet companies such as large cloud providers, social networks, e-commerce platforms and search engines, the banking sector and critical infrastructure services including energy, transport and health as well as public administrations.

All these organizations would have to report any security breach that has "a significant impact on the security of core services" to a national authority. This authority "may require that the public be informed", but a public announcement will not be mandatory.

"At the end of the day openness and transparency about your experience is going to result in a better environment for all," said Digital Agenda Commissioner Neelie Kroes.

She hit out at business managers who deny cyber attacks are happening because they are worried about reputation. Secrecy is not the way forward, she said. Statistics show that in 2012, 93 percent of large corporations experienced a cyber attack. "It is near-by normal," said the Commissioner, so there is no reason for secrecy.

Follow Jennifer on Twitter at @BrusselsGeek or email tips and comments to jennifer_baker@idg.com.

"Tony Abbott's cuts to the bone, fibre to the home, should send ..."

Turnbull criticises government's NBN budget cuts
"I was wondering how to improve my business. Then I finally visit ..."

Telstra apologises after customer records appear online
"Greg, I never said that Turnbull set up Ozemail. Read what I ..."

Conroy dismisses claims of NBN failing
"Futureproof omg your so wrong. Turnbull NBN is backward proof like your ..."

Conroy dismisses claims of NBN failing
"Conroy is out of his depth. Turnbull maybe a punce, but was ..."

Conroy dismisses claims of NBN failing

Tags: business issues, telecommunication, security, legal, internet

Whitepapers

All whitepapers

Most Read

Sign up now to get free exclusive access to reports, research and invitation only events.

Most Commented

Featured Whitepapers

Building a Better Mousetrap in Anti-Malware

This story is becoming frustratingly old. Cyber threats are continuously advancing in their adaptability speed, sophistication, and degree of stealthiness. At the same time, the exposed footprint is expanding. More business operations are moving online and end-user devices—corporate-issued and user-owned—are expanding in number and variety. A reasonable question asked by executives responsible for making decisions on their organisations’ security budgets is whether their money and resources are being spent wisely. Are their businesses buying and using the best mix of security technologies to meet their needs and obligations? Read on.

Featured Download

aMSN Messenger

Zones

Most Popular Whitepapers

Deploying Flash in the Enterprise

Flash is quickly emerging as the preferred way to overcome the nagging performance limitations of hard disk drives. However, because flash comes at a significant price premium, outright replacement of HDDs with flash only makes sense in situations in which capacity requirements are relatively small and performance requirements are high. Learn how deployment approaches-including hybrid storage arrays, server flash, and all-flash arrays-that combine the performance of flash with the capacity of HDDs can be cost effective for a broad range of performance requirements.

Popular tags: Business Management, Security, Storage, Data Centre, Virtualisation

Latest Jobs

FTTechnical Consulting ManagerNSW
FTTest Analyst (MS Environment) .netNSW
FTTest Analyst (MS Environment) .netNSW
FTTechnical Account Manager - MSP + CloudVIC
FTTest EngineerVIC
FTSenior Field Engineer - MSNSW
FTTest Manager - IMMEDIATE STARTNSW
FTSenior Projects EngineerNSW
FTLead Software EngineerSA
FTR&D EngineerSA
FTWeb Developer- Drupal and PHP. Exciting new position- #2 in Dev team.$100k+SuperNSW
FTSenior Python Web Applications DeveloperNSW
FTSenior E-Commerce PHP Developer- North Sydney- E-commerce Software $110kNSW
FTSenior Python DeveloperNSW
FT1st Line Support EngineerNSW
FTQuality ManagerSA
FT.NET - Sitecore Developer - Melbourne - PermNSW
FT2nd Level Support EngineerNSW
FTSnr Web Developer PHP/Magento/API integration into E-commerce sites. $100k+SuperNSW
FTSenior Python DeveloperNSW
FTOS Web Applications DeveloperNSW

Market Place

Proposed EU cyber security law would firm up breach notification rules

Recommended

UPDATED: 4G in Australia: The state of the ...

How cloud is reinventing the IT department

From CMO to CEO: Anametrix’s Pelin Thorogood

Australia lags Mongolia in Internet speeds

NBN Co connects largest high-rise apartment to the NBN

iPhone 6 rumour rollup for the week ending May 17

UPDATED: 4G in Australia: The state of the nation

Google Now, Hangouts feel here, there and everywhere

Digital coalition asks for a fair deal on TPP copyright provisions

NBN debate turns into slanging match

Turnbull blasts Labor over unsold spectrum in Digital Dividend

Australia lags Mongolia in Internet speeds

Conroy dismisses claims of NBN failing

Optus unbundles broadband and phone plans

Building a Better Mousetrap in Anti-Malware

Agentless Security for Virtual Environments

Advanced Malware Exposed

2013 Global Information Security Survey: Initial findings

aMSN Messenger

Symantec Business Critical Virtualisation Content Zone

BlackBerry Enterprise Service 10 Zone

HP Tech Connect Resource Centre

Deploying Flash in the Enterprise

Hybrid IT Service Management: A Requirement for Virtualisation and Cloud Computing

Building Maturity and Experience in Successful Virtualisation Strategies

Staying Ahead of the Data Explosion

Compliance, Control, Cost and Consumerisation

Computerworld newsletter

Don't have an account?

Proposed EU cyber security law would firm up breach notification rules

Recommended

Computerworld newsletter